Requirements for Building Effective Government WLANs
|
|
- Meagan McDaniel
- 5 years ago
- Views:
Transcription
1 White Paper Government Requirements for Building Effective Government WLANs CJ Mathias Farpoint Group
2 Introduction With governments just now beginning the adoption of wireless LANs as a key component of their network connectivity strategy, the purpose of this White Paper is to enumerate the issues and solutions now available that lead to successful government WLAN installations. Government networks, given the nature of information they transport, demand an aggressive security posture. They are also characterized by stringent high-availability and performance requirements, which cannot compromise security requirements in any way. Given that all of the security challenges that exist on wire are also present in wireless systems - including worms, viruses, software vulnerabilities, eavesdropping, break-ins (intrusions), unauthorized access, and denial-of-service attacks along with new threats unique to wireless LANs, an appropriate security plan and implementation can be complex. This potential complexity is enhanced by the fact that wireless signals often propagate well beyond the building or intended coverage area where a given WLAN is installed. Special care must be taken to ensure that WLANs remain secure. Fortunately, a vast amount of effort has been invested in identifying, understanding, and building systems and solutions that counter these challenges. Indeed, we even feel comfortable claiming that security on wireless LANs can exceed that usually implemented on wire. Core Federal Government Requirements There are a number of key federal requirements for information security, as follows: The Federal Information Security Management Act (FISMA) FISMA requires all federal agencies to develop, document, and implement an agency wide information security program. The National Institute of Standards and Technology (NIST) develops standards and provides guidance to federal agencies on information security practice. Their Wireless Network Security: , Bluetooth and Handheld Devices (Special Publication ) is an excellent place to start in understanding the risks and possibilities inherent in wireless security. 1 FIPS Level 2 This NIST developed standard specifies US Federal Government requirements for IT systems that are used for Sensitive But Unclassified (SBU) information. FIPS specifies security requirements that must be met by a conforming product. Independent evaluators work with NIST and product vendors to validate a given product s security functionality. Since early WLAN security schemes (those based on Wired Equivalent Privacy, or WEP) were proven insecure, the only way government agencies have been able to deploy WLANs to date has been by utilizing a proprietary Layer 2 encryption mechanism. These proprietary encryption overlays are very expensive and complex and do not provide the mobility and radio-management benefits of centralized WLAN mobility controllers.
3 DoD This is the key DoD policy for the use of commercial wireless devices for nonclassified communications within the DoD Global Information Grid. This policy requires that all DoD wireless infrastructure are both WPA2 certified and FIPS certified for i. Such elements as layer 2 encryption, strong authentication, non-repudiation, personal identification, FIPS compliance, addressing denial-of-service attacks, screening/sensing/monitoring, and other requirements are specified in this document. The latest development in this space is NIST approval of the IEEE i standard for WLAN security as acceptable for FIPS validation and impending approval of i by DoD for nonclassified deployments. With availability of FIPS-validated i products, the Federal Government can deploy commercially available 802.1X authentication and layer 2 AES encryption for securing their WLAN infrastructure. Common Criteria This is an internationally-adopted standard for information security. The creation of CC was lead by National Information Assurance Partnership (NIAP) program at NIST. Unlike FIPS, which provides a list of security requirements, Common Criteria provides a framework. Developers create their framework (referred to as a Security Target) and NIAP approved evaluators validate that a given product meets the claimed security functionality. When a particular framework for a class of product is widely accepted and approved by the NSA (National Security Agency), it is referred to as a Protection Profile (PP). In the Federal Government, Common Criteria validation is rapidly gaining acceptance as a key requirement. Addressing Federal Requirements - Aruba s WLAN Product Strategy It is clear that switched (also called centralized) architectures are the preferred solution for enterpriseand government-class deployments, where centralized mobility controllers are primarily responsible for control, configuration and management of a WLAN. Centralized architectures vary, of course, with respect to specific implementations, but the core advantage to this approach is the very limited role played by access points (APs). APs in this case are thin ; no state or other information is stored in the APs, enhancing security. Aruba extends the centralized architecture with a number of key benefits, as follows: Single Security Boundary While the definition of thin is still rather broad, Aruba believes that security processing should be centralized in the mobility controller, with not even security keys stored in the AP. While it has become popular in recent years to include security processing in the AP, there are at present no FIPS-certified WLAN chipsets that would allow a decentralized encryption architecture to gain FIPS approval. Moreover, the storage of security keys and certificates in the AP allows the possibility that this 2
4 information can be compromised. By moving all encryption and decryption processing to the mobility controller, the Aruba approach eliminates this possibility while providing both high-performance and endto-end FIPS-compliant security. Future-Proof Architecture A centralized architecture makes it much easier to apply updates and meet new requirements, for security or otherwise. By utilizing a high-performance programmable encryption chip in the controller, Aruba Mobility Controllers can be upgraded to new encryption algorithms centrally. Updating each access point individually for encryption is not only extremely cost-prohibitive, it is also often difficult because of the use of low-cost, non-programmable encryption chips that are typically used in APs. Thus the flexibility inherent in Aruba s centralized security architecture is critical to investment protection as federal security requirements continue to evolve, and clearly serves to minimize total cost of ownership (TCO) while maximizing return on investment (ROI). FIPS and Common Criteria Validation Aruba Mobility Controllers are the only mobility controllers that are FIPS Level 2 validated for i and that support all major encryption protocols in hardware, including AES. Aruba is the first and only vendor to achieve FIPS for i systems, primarily as a result of the centralized programmable encryption architecture of the Aruba Mobility Controllers. Aruba is already in evaluation for Common Criteria EAL-4 certification (as is noted on the NIAP web site). While there is no medium robustness Protection Profile for WLANs available today, Aruba has taken the initiative to work with NIAP and NSA on its own Security Target. This Security Target closely matches the draft WLAN Protection Profile published by the NSA and further adds Functional Security Requirements (FSRs) from the Firewall Protection Profile. In summary, Aruba is simultaneously defining and on a path to comply with the most stringent security standards for WLAN environments today. Integrated Security and Management Per-user, stateful firewalls Since wireless LANs represent a new edge for Federal and other networks, it s critical that the WLAN solution have an integrated (as opposed to add-on) stateful, per-user firewall. Aruba s firewall allows the definition of up to 512,000 simultaneous policies implemented on a per-user basis. The firewall is both bidirectional and dynamic; policies are role-based and can be easily modified as agency requirements change. Individual user permissions can also be set based upon their location at any moment in time, a capability unique to wireless. 3
5 RF monitoring and management Aruba s Access Points are used for communications with clients, but they can also be used as air monitors, sniffing the air for potential security problems such as intruders and rogue (unauthorized) access points. Other threats include denial-of-service attacks, and a variety of network intrusion scenarios. Aruba s products are architected with these threats in mind. Aruba s patentpending traffic classification algorithms are at the heart of the solutions set, allowing detailed analysis and immediate countermeasures against wireless threats. Jamming can be addressed via adjustments, made automatically, to AP channel and power settings. Similarly, man-in-the-middle, deauthentication, MAC-address spoofing, rogue APs, unintentional wireless bridges, and a huge range of other wirelessspecific threats can all be addressed without compromising fundamental system integrity (redundant configurations and failover are integral capabilities as well). Identity-based security All Aruba security features can be tied to the identity of specific users, and, if desired, specific client devices. Two-factor authentication is supported as well. Mobile users have no fixed location so enforcing access control based on physical port (like a wired network) is not an option. Assigning VLAN membership based on SSID is not fully secure and is open to MAC address spoofing attacks. Being able to tie a user s identity to their location, device type, authentication method and encryption type is key to achieving robust security demanded by government WLAN installations. Aruba's products allow corporations to tie stateful security policies to users as they authenticate, then have those policies follow them as they move throughout the network even when connecting from remote locations. This allows the implementation of a true "defense-in-depth" security framework that seamlessly overlays any existing IP data network while delivering mobility. xsec A joint development of Aruba and Juniper Networks (formerly Funk Software), xsec provides much-improved Layer-2 encryption (encrypting MAC addresses, for example), and also extends the capabilities similar to those of i/WPA2 to wired networks.. Implemented on clients, xsec can also be used to extend modern security to older access points. xsec is fully compliant with 802.1x, and has been approved under FIPS Hardware-based security acceleration makes these capabilities possible, and the Aruba architecture continues to provide a broad set of other important features, including location and tracking and mobility management with centralized control. This not only lowers total cost of ownership, but also makes it easier to audit the complete Agency security solution Conclusions - Best Practices for Federal Security 4 While civilian agencies have been deploying WLAN on an as-needed basis, the adoption rate within more sensitive agencies has been slow. Many defense agencies have simply not deployed any WLAN
6 because they have deemed them insecure. Aruba has taken a leadership role in addressing the barriers to further utilization of wireless LANs in all government-related missions. Unfortunately, an ad-hoc strategy built on necessity will require a significant systems-integration workload and will include the risk of developing a less-than-optimal solution. Given the expense and uncertainty associated with such a strategy, it is highly desirable to fully understand the requirements first and develop a solution prior to integration. Aruba s products feature full compliance with all key Federal information security requirements, and minimize complexity and cost by integrating all requirements into a single, comprehensive product family. There is no need to obtain a wireless LAN mobility controller and APs from one vendor, a firewall from another, IDS/IPS from a third, and so on. Aruba s solution obviates the need for this effort and expense, providing a complete and secure mobile network for government applications. About Aruba Networks Aruba securely delivers the enterprise network to users, wherever they work or roam, with user-centric networks that significantly expand the reach of traditional port-centric networks. User-centric networks integrate adaptive WLANs, identity-based security, and application continuity services into a cohesive, high-performance system that can be easily deployed as an overlay on top of existing network infrastructure. Adaptive WLANs deliver high-performance, follow-me connectivity so users are always within reach of mission-critical information. Identity-based security associates access policies with users, not ports, to enable follow-me security that is enforced regardless of access method or location. Application continuity services enable follow-me applications that can be seamlessly accessed across WLAN and cellular networks. The cost, convenience, and security benefits of user-centric networks are fundamentally changing how and where we work. Listed on the NASDAQ and Russell 2000 Index, Aruba is based in Sunnyvale, California, and has operations throughout the Americas, Europe, Middle East, and Asia Pacific regions. To learn more, visit Aruba at Aruba Networks, Inc. All rights reserved. Aruba Networks, BlueScanner and RFprotect are trademarks of Aruba Networks, Inc. All other trademarks or registered trademarks are the property of their respective holders. All rights reserved. Specifications are subject to change without notice. WP_GVW_US_
7 1322 Crossman Ave. Sunnyvale, CA Tel Fax Aruba Networks, Inc. All rights reserved. Aruba Networks, BlueScanner and RFprotect are trademarks of Aruba Networks, Inc. All other trademarks or registered trademarks are the property of their respective holders. All rights reserved. Specifications are subject to change without notice.
FIPS Validated i WLAN
Tech Brief Government FIPS Validated 802.11i WLAN Meeting Government Requirements for Secure Mobile Data Situation From the boardroom to the battlefield, no entity has a greater need for mobile communications
More informationThe Aruba Mobile Virtual Enterprise for Government. The Next Generation Network Access Architecture for Mobile Technology
The Next Generation Network Access Architecture for Mobile Technology Table of Contents Government agencies recognize the benefits of mobility 3 MOVE: A user-centric, role-based access architecture for
More informationPRODUCT GUIDE Wireless Intrusion Prevention Systems
PRODUCT GUIDE Wireless Intrusion Prevention Systems The Need for Wireless INTRUSION PREVENTION SYSTEMS A Wireless Intrusion Prevention System (WIPS) is designed to address two classes of challenges facing
More informationThe Aruba S3500 Mobility Access Switch
Tech Brief Enterprise The Aruba S3500 Mobility Access Switch Tech Brief: The Aruba S3500 Mobility Access Switch Table of Contents Introducing the Aruba S3500 Mobility Access Switch... 2 Flexible deployment
More informationWireless Attacks and Countermeasures
Wireless Attacks and Countermeasures Wireless Network Technology Wireless network refers to any type of computer network which is wireless, and is commonly associated with a network whose interconnections
More informationWhite paper. Combatant command (COCOM) next-generation security architecture
Combatant command () next-generation security architecture using NSA Suite B Table of Contents Combatant command () next-generation security architecture using NSA Suite B NSA Commercial Solution for Classified
More informationMulti-Layered Security Framework for Metro-Scale Wi-Fi Networks
Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks A Security Whitepaper January, 2004 Photo courtesy of NASA Image exchange. Image use in no way implies endorsement by NASA of any of the
More information802.11ac FREQUENTLY ASKED QUESTIONS. May 2012
802.11ac FREQUENTLY ASKED QUESTIONS May 2012 Table of Contents General Questions:... 3 1. What is 802.11ac?... 3 2. When will 802.11ac be ratified into a standard?... 3 5. Will 802.11ac come out before
More informationWLAN Security Overview
WLAN Security Overview This Chapter Explore the basic terminology of WLAN security. Discuss the organizations that create the standards, certifications, and recommendations that help guide and direct wireless
More informationWireless Network Security
Wireless Network Security Why wireless? Wifi, which is short for wireless fi something, allows your computer to connect to the Internet using magic. -Motel 6 commercial 2 but it comes at a price Wireless
More informationSECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS
SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS PROTECT YOUR DAILY OPERATIONS FROM BEING COMPROMISED In today s data-driven society, connectivity comes with a cost.
More informationWireless technology Principles of Security
Wireless technology Principles of Security 1 Wireless technologies 2 Overview This module provides an introduction to the rapidly evolving technology of wireless LANs (WLANs). WLANs redefine the way the
More informationWireless LAN Security (RM12/2002)
Information Technology in Education Project Reference Materials Wireless LAN Security (RM12/2002) Infrastructure Division Education Department The Government of HKSAR www.ited.ed.gov.hk December 2002 For
More informationStreamlined FISMA Compliance For Hosted Information Systems
Streamlined FISMA Compliance For Hosted Information Systems Faster Certification and Accreditation at a Reduced Cost IT-CNP, INC. WWW.GOVDATAHOSTING.COM WHITEPAPER :: Executive Summary Federal, State and
More informationAchieving a FIPS Compliant Wireless Infrastructure using Intel Centrino Mobile Technology Clients
Achieving a FIPS Compliant Wireless Infrastructure using Intel Centrino Mobile Technology Clients This document is provided as is with no warranties whatsoever, including any warranty of merchantability,
More information802.1X: Port-Based Authentication Standard for Network Access Control (NAC)
White Paper 802.1X: Port-Based Authentication Standard for Network Access Control (NAC) Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408.745.2000 1.888 JUNIPER www.juniper.net
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationSecure Government Computing Initiatives & SecureZIP
Secure Government Computing Initiatives & SecureZIP T E C H N I C A L W H I T E P A P E R WP 700.xxxx Table of Contents Introduction FIPS 140 and SecureZIP Ensuring Software is FIPS 140 Compliant FIPS
More informationOvercoming Concerns about Wireless PACs and I/O in Industrial Automation
Overcoming Concerns about Wireless PACs and I/O in Industrial Automation Industrial Automation Flirts with Wireless The automation industry increasingly finds wireless attractive, and for several reasons.
More informationSecure Mobility Challenges. Fat APs, Decentralized Risk. Physical Access. Business Requirements
Unified Wireless Switching Enabling a Truly Converged Network White Paper Abstract As businesses scale, traditional wireless network deployments become more complex, more costly and less secure. Users
More informationCYBER ATTACKS EXPLAINED: WIRELESS ATTACKS
CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS Wireless networks are everywhere, from the home to corporate data centres. They make our lives easier by avoiding bulky cables and related problems. But with these
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationWireless Network Security Fundamentals and Technologies
Wireless Network Security Fundamentals and Technologies Rakesh V S 1, Ganesh D R 2, Rajesh Kumar S 3, Puspanathan G 4 1,2,3,4 Department of Computer Science and Engineering, Cambridge Institute of Technology
More informationBreezeACCESS VL Security
BreezeACCESS VL Security Technical Paper Alvarion Ltd. All rights reserved. The material contained herein is proprietary. No part of this publication may be reproduced in any form without the express written
More informationOpenWay by Itron Security Overview
Itron White Paper OpenWay by Itron OpenWay by Itron Security Overview Kip Gering / R. Eric Robinson Itron Marketing / Itron Engineering 2009, Itron Inc. All rights reserved. 1 Executive Summary 3 Intent
More informationPRODUCT LINE MATRIX: Mobility Controllers
: ArubaOS 5.0 ARUBA 6000 MODULAR CONTROLLER WITH ARUBAOS 5.0 Features Aruba 6000 Chassis Supervisor Card SC-48-C1 SC-128-C1 SC-256-C2 M3 Max number of LAN-connected APs per controller 2,048 48 128 128
More informationChapter 24 Wireless Network Security
Chapter 24 Wireless Network Security Wireless Security Key factors contributing to higher security risk of wireless networks compared to wired networks include: o Channel Wireless networking typically
More informationTechnology Solution Guide. Deploying Entuity s Eye of the Storm with Aruba Networks Secure Mobility Solution
Technology Solution Guide Deploying Entuity s Eye of the Storm with Aruba Networks Secure Mobility Solution S/W Version: Eye of the Storm Enterprise 2011 WARRANTY DISCLAIMER THE FOLLOWING DOCUMENT, AND
More informationThe Economic Benefits of a Cooperative Control Wireless LAN Architecture
White Paper The Economic Benefits of a Cooperative Control Wireless LAN Architecture Aerohive Networks, Inc. 3150-C Coronado Avenue Santa Clara, California 95054 Phone: 408.988.9918 Toll Free: 1.866.918.9918
More informationHow does your organization manage Privileged Users?
How does your organization manage Privileged Users? A GOVERNMENT & MILITARY SOLUTION GUIDE IONsales@apitech.com www.apitech.com Tel: +1 908-546-3900 Who is ION Networks? ION Networks The most trusted name
More informationBeOn Security Cybersecurity for Critical Communications Systems
WHITEPAPER BeOn Security Cybersecurity for Critical Communications Systems Peter Monnes System Design Engineer Harris Corporation harris.com #harriscorp TABLE OF CONTENTS BeOn Security... 3 Summary...
More informationAchieving End-to-End Security in the Internet of Things (IoT)
Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationSecuring Wireless Networks by By Joe Klemencic Mon. Apr
http://www.cymru.com/ Securing Wireless Networks by By Joe Klemencic (faz@home.com) Mon. Apr 30 2001 Many companies make attempts to embrace new technologies, but unfortunately, many of these new technologies
More informationNETWORK ACCESS CONTROL OVERVIEW. CONVENIENCE. SECURITY.
NETWORK ACCESS CONTROL OVERVIEW. CONVENIENCE. SECURITY. MACMON MODULE & BUNDLES DEVELOPMENT It is macmon s mission to improve and further develop its products. Exciting extensions are currently being worked
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-BOaRDING and Securing DEVICES IN YOUR Corporate NetWORk PrepaRING YOUR NetWORk to MEEt DEVICE DEMaND The proliferation of smartphones and tablets brings increased
More informationSamsung Security AP WHITE PAPER
WHITE PAPER Introduction Due to their high speed and standardized features such as enhanced authentication and encryption, enterprise WLAN network systems are currently growing in their use as infrastructure
More informationSecuring Wireless LANs with Certificate Services
1 Securing Wireless LANs with Certificate Services PHILIP HUYNH University of Colorado at Colorado Springs Abstract Wireless Local Access Network (WLAN) is used popularly in almost everywhere from the
More information802.1X: Port-Based Authentication Standard for Network Access
WHITE PAPER 802.1X: Port-Based Authentication Standard for Network Access Control (NAC) A Secure, Strong and Flexible Framework for Network Access Control (NAC) Copyright 2010, Juniper Networks, Inc. Table
More informationDefining IT Security Requirements for Federal Systems and Networks
Defining IT Security Requirements for Federal Systems and Networks Employing Common Criteria Profiles in Key Technology Areas Dr. Ron Ross 1 The Fundamentals Building more secure systems depends on the
More informationSYSTEM THREAT ANALYSIS FOR HIGH ASSURANCE SOFTWARE DEFINED RADIOS
SYSTEM THREAT ANALYSIS FOR HIGH ASSURANCE SOFTWARE DEFINED RADIOS David Murotake, (SCA Technica, Inc. Nashua NH, USA; david.murotak@scatechnica.com) Antonio Martin (SCA Technica, Inc., Nashua NH, USA;
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationStandard For IIUM Wireless Networking
INTERNATIONAL ISLAMIC UNIVERSITY MALAYSIA (IIUM) Document No : IIUM/ITD/ICTPOL/4.3 Effective Date : 13/11/2008 1.0 OBJECTIVE Standard For IIUM Wireless Networking Chapter : Network Status : APPROVED Version
More informationIBM Tivoli Directory Server
Build a powerful, security-rich data foundation for enterprise identity management IBM Tivoli Directory Server Highlights Support hundreds of millions of entries by leveraging advanced reliability and
More informationWireless Mobile Workforce
DeltaV Distributed Control System Service Data Sheet Wireless Mobile Workforce Increased worker productivity and accuracy Mobile operations management Scalable, secure and reliable communications Full
More informationThe Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions
The Mobile Risk Management Company Overview of Fixmo and Mobile Risk Management (MRM) Solutions Company Proprietary Information Copyright Fixmo Inc., 2012 Introduction to Fixmo Founded on a simple idea:
More informationInformation Technology Policy Board Members. SUBJECT: Update to County WAN/LAN Wireless Standards
COUNTY OF SACRAMENTO Inter-Departmental Correspondence December 6, 2007 TO: FROM: Information Technology Policy Board Members Jeff Leveroni, Chair Technology Review Group SUBJECT: Update to County WAN/LAN
More informationThe 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013
The 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013 Florin OGÎGĂU-NEAMŢIU National Defense University of Romania "Carol I"/ The Regional
More informationWIDS Technology White Paper
Technical white paper WIDS Technology White Paper Table of contents Overview... 2 Background... 2 Functions... 2 Rogue detection implementation... 2 Concepts... 2 Operating mechanism... 2 Operating modes...
More informationSingle Secure Credential to Access Facilities and IT Resources
Single Secure Credential to Access Facilities and IT Resources HID PIV Solutions Securing access to premises, applications and networks Organizational Challenges Organizations that want to secure access
More informationAssignment Project Whitepaper ITEC495-V1WW. Instructor: Wayne Smith. Jim Patterson
Project Whitepaper ITEC495-V1WW Instructor: Wayne Smith Jim Patterson Table of Contents 1. Abstract Page 3 2. Introduction Page 3 3. Analysis Page 4 4. Solution Discussion Page 7 5. Evaluation Criteria
More informationSymantec Client Security. Integrated protection for network and remote clients.
Symantec Client Security Integrated protection for network and remote clients. Complex Internet threats require comprehensive security. Today's complex threats require comprehensive security solutions
More informationDetecting & Eliminating Rogue Access Point in IEEE WLAN
Detecting & Eliminating Rogue Access Point in IEEE 802.11 WLAN S.B.Vanjale, Amol K. Kadam, Pramod A. Jadhav Department of Computer Engg Bharati Vidyapeeth Deemed University College of Engineering Pune.
More informationRSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief
Providing Secure Access to Corporate Resources from BlackBerry Devices Leveraging Two-factor Authentication Augmenting the BlackBerry Enterprise Solution BlackBerry devices are becoming ubiquitous throughout
More informationCOPYRIGHTED MATERIAL. Contents
Contents Foreword Introduction xxv xxvii Assessment Test xxxviii Chapter 1 WLAN Security Overview 1 Standards Organizations 3 International Organization for Standardization (ISO) 3 Institute of Electrical
More informationNGN: Carriers and Vendors Must Take Security Seriously
Research Brief NGN: Carriers and Vendors Must Take Security Seriously Abstract: The next-generation network will need to provide security on many levels. A comprehensive set of standards should be in place
More informationEnsuring System Protection throughout the Operational Lifecycle
Ensuring System Protection throughout the Operational Lifecycle The global cyber landscape is currently occupied with a diversity of security threats, from novice attackers running pre-packaged distributed-denial-of-service
More informationWhat is Eavedropping?
WLAN Security What is Eavedropping? War Driving War Driving refers to someone driving around with a laptop and an 802.11 client card looking for an 802.11 system to exploit. War Walking Someone walks
More informationWIRELESS AS A BUSINESS ENABLER. May 11, 2005 Presented by: Jim Soenksen and Ed Sale, Pivot Group
WIRELESS AS A BUSINESS ENABLER May 11, 2005 Presented by: Jim Soenksen and Ed Sale, Pivot Group Presentation Goals Describe the need for and benefits of Wireless Networking Describe the risks involved
More informationDIACAP and the GIG IA Architecture. 10 th ICCRTS June 16, 2005 Jenifer M. Wierum (O) (C)
DIACAP and the GIG IA Architecture 10 th ICCRTS June 16, 2005 Jenifer M. Wierum (O) 210-9252417 (C) 210-396-0254 jwierum@cygnacom.com OMB Circular A-130 (1996) OMB A-130 required systems and applications
More informationSteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)
Internet Communications Made Safe SteelGate Overview SteelGate Overview SteelGate is a high-performance VPN firewall appliance that Prevent Eliminate threats & attacks at the perimeter Stop unauthorized
More informationProtecting Your Cloud
WHITE PAPER Protecting Your Cloud Maximize security in cloud-based solutions EXECUTIVE SUMMARY With new cloud technologies introduced daily, security remains a key focus. Hackers and phishers capable of
More informationARUBA MULTIZONE DATA SHEET
Aruba s centralized architecture provides a more secure Wi-Fi environment that is different from any other Wi-Fi vendor on the market today. Among the key security advantages of this architecture are:
More informationIT-CNP, Inc. Capability Statement
Securing America s Infrastructure Security Compliant IT Operations Hosting Cyber Security Information FISMA Cloud Management Hosting Security Compliant IT Logistics Hosting 1 IT-CNP, Inc. is a Government
More informationSimple and secure PCI DSS compliance
Simple and secure PCI DSS compliance Get control over PCI audit scope while dramatically improving security posture Decrease IT CapEx and OpEx costs by 25% Reduce PCI compliance time by up to 30% Reduce
More informationThe Telkonet iwire System Frequently-Asked Questions - General
GATEWAY TO THE WORLD The Telkonet iwire System Frequently-Asked Questions - General FAQs Definitions What is powerline communications (PLC) technology? Powerline communications (PLC) technology refers
More informationNCIRC Security Tools NIAPC Submission Summary Juniper IDP 200
NCIRC Security Tools NIAPC Submission Summary Juniper IDP 200 Document Reference: Security Tools Internal NIAPC Submission NIAPC Category: Intrusion Detection & Prevention Date Approved for Submission:
More informationSecurity Assessment Checklist
Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment
More informationA POLYCOM WHITEPAPER Deploying Enterprise-Grade Wi-Fi Telephony : Coverage, Capacity, Quality of Service, and Security Considerations for Delivering
Deploying Enterprise-Grade Wi-Fi Telephony : Coverage, Capacity, Quality of Service, and Security Considerations for Delivering Excellent Voice Quality on Enterprise Wi-Fi Networks November 2010 Coverage,
More informationProduct Brief: SDC-MSD30AG a/g Miniature SDIO Module with Antenna Connectors
Product Brief: SDC-MSD0AG 802.11a/g Miniature SDIO Module with Antenna Connectors The SDC-MSD0AG SDIO radio module from Summit Data Communications combines a high-performance 802.11a/g radio with the Summit
More informationWireless MAXg Technology
Wireless MAXg Technology MAXimizing range, performance, security and simplicity for 802.11g networks Technology Note Wireless technology has undoubtedly become a ubiquitous presence in our computing environment,
More informationMaaS360 Secure Productivity Suite
MaaS360 Secure Productivity Suite Frequently Asked Questions (FAQs) What is MaaS360 Secure Productivity Suite? MaaS360 Secure Productivity Suite integrates a set of comprehensive mobile security and productivity
More informationWireless LAN Solutions
Wireless LAN Solutions Juniper Networks delivers wireless solutions for enterprises of all sizes and types from small retail installations to the largest campuses Your JUNIPER NETWORKS dedicated Sales
More informationAppendix 12 Risk Assessment Plan
Appendix 12 Risk Assessment Plan DRAFT March 5, 2007 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A12-i RFP: TQC-JTB-05-0002 March 5, 2007 REVISION HISTORY Revision
More informationHardware Capabilities. Product Brief: SDC-PC20G g PCMCIA Card with Integrated Antenna
Product Brief: SDC-PC20G 802.11g PCMCIA Card with Integrated Antenna The SDC-PC20G PCMCIA card from Summit Data Communications combines Summit s 802.11g radio and customized software both proven on mobile
More informationWhat is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne
Introduction to Wireless Networking and Security Chino Information Technology Center Steve Siedschlag, Associate Professor What is a Wireless LAN? The wireless telegraph is not difficult to understand.
More information10 Considerations for a Cloud Procurement. March 2017
10 Considerations for a Cloud Procurement March 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationCisco Unified Wireless Network Software Release 5.2
Cisco Unified Wireless Network Software Release 5.2 PB507140 Overview With Cisco Unified Wireless Network Software Release 5.2, Cisco is delivering critical features for its industry-leading indoor and
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationPROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL
Q&A PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL This document answers questions about Protected Extensible Authentication Protocol. OVERVIEW Q. What is Protected Extensible Authentication Protocol? A.
More informationNational Information Assurance Partnership (NIAP) 2017 Report. PPs Completed in CY2017
National Information Assurance Partnership (NIAP) 2017 Report NIAP continued to grow and make a difference in 2017 from increasing the number of evaluated products available for U.S. National Security
More informationProgress Report National Information Assurance Partnership
Progress Report 2012-2015 National Information Assurance Partnership Executive Summary The National Information Assurance Partnership (NIAP) has made significant progress in three primary mission areas:
More informationVirtustream Cloud and Managed Services Solutions for US State & Local Governments and Education
Data Sheet Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education Available through NASPO ValuePoint Cloud Services VIRTUSTREAM CLOUD AND MANAGED SERVICES SOLUTIONS
More informationOptimized Wireless LAN Plan An AirTight Service. For
Optimized Wireless LAN Plan An AirTight Service For Sample Customer The Global Leader in Wireless Vulnerability Management AirTight Networks 339 N. Bernardo Avenue #200 Mountain View, CA 94043 www.airtightnetworks.com
More informationWhite Paper. WLAN Security: Top 10 Checklist. December 10, 2003
December 10, 2003 Table of Contents 3 4 1. Can you prevent wireless deployment until your IT staff is ready to support it? 5 2. Is every element of your wireless system secure? 6 3. Are your access points
More informationDoDD DoDI
DoDD 8500.1 DoDI 8500.2 Tutorial Lecture for students pursuing NSTISSI 4011 INFOSEC Professional 1 Scope of DoDD 8500.1 Information Classes: Unclassified Sensitive information Classified All ISs to include:
More informationSimple and Secure Micro-Segmentation for Internet of Things (IoT)
Solution Brief Simple and Secure Micro-Segmentation for Internet of Things (IoT) A hardened network architecture for securely connecting any device, anywhere in the world Tempered Networks believes you
More informationSecuring Today s Mobile Workforce
WHITE PAPER Securing Today s Mobile Workforce Secure and Manage Mobile Devices and Users with Total Defense Mobile Security Table of Contents Executive Summary..................................................................................
More informationComplying with RBI Guidelines for Wi-Fi Vulnerabilities
A Whitepaper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Mountain View, CA 94043 www.airtightnetworks.com 2013 AirTight Networks, Inc. All rights reserved. Reserve Bank of India (RBI) guidelines
More informationProduct Brief: SDC-PC22AG a/g PCMCIA Card with Integrated Antenna
Product Brief: SDC-PC22AG 802.11a/g PCMCIA Card with Integrated Antenna The SDC-PC22AG PC Card (PCMCIA) radio card from Summit Data Communications combines a high-performance 802.11a/g radio with customized
More informationAttacking Networks. Joshua Wright LightReading LIVE! October 1, 2003
Attacking 802.11 Networks Joshua Wright Joshua.Wright@jwu.edu LightReading LIVE! October 1, 2003 Attention The material presented here reflects the personal experience and opinions of the author, and not
More informationWireless Networking WiFi Standards 802.11a 5GHz 54MB 802.11b 2.4 GHz 11MB 802.11g 2.4GHz 52MB 802.11n 2.4/5GHz 108MB 802.11b The 802.11b standard has a maximum raw data rate of 11 Mbit/s, and uses
More informationPotential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group
Potential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group Submitted on behalf of the U.S. Department of Energy National
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE Digital Policy Management consists of a set of computer programs used to generate, convert, deconflict, validate, assess
More informationAppendix E Wireless Networking Basics
Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical
More informationPlanning a scalable long-term wireless strategy
Planning a scalable long-term wireless strategy While operators in many markets will continue to invest in maintaining and upgrading 2G networks for the foreseeable future, operators in other markets have
More informationAppendix 12 Risk Assessment Plan
Appendix 12 Risk Assessment Plan DRAFT December 13, 2006 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A12-1 RFP: TQC-JTB-05-0001 December 13, 2006 REVISION HISTORY
More informationComplying with PCI DSS 3.0
New PCI DSS standards are designed to help organizations keep credit card information secure, but can cause expensive implementation challenges. The F5 PCI DSS 3.0 solution allows organizations to protect
More informationThe Case for Secure Communications
Whitepaper The Case for Secure Communications The tapping of voice communications has occurred virtually as long as electronic communication has been in existence. In the early days of electronic communications,
More information